<!DOCTYPE html>
<html>
<head><meta name="generator" content="Hexo 3.9.0">
    

    

    



    <meta charset="utf-8">
    
    
    
    
    <title>详解Shiro登录登出的操作流程 | 欢迎参观小灰灰的网站哟 ヾ(◍°∇°◍)ﾉﾞ ~ | It&#39;s founded on March 9, 2019 and the open source address for the blog notes https://github.com/YUbuntu0109/YUbuntu0109.github.io</title>
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
    
    <meta name="theme-color" content="#3F51B5">
    
    
    <meta name="keywords" content="Java,Shiro">
    <meta name="description" content="学习笔记 : 详解Shiro登录登出的操作流程在shiro中,用户需要提供principals(身份)和credentials(证明)给shiro,继而来验证用户的身份信息,最常见的princpals和 credentials组合就是用户名 / 密码啦~  principals : 身份,即主体的标识属性,如用户名、邮箱等,需唯一. 一个主体可以有多个principals,但只有一个Primary">
<meta name="keywords" content="Java,Shiro">
<meta property="og:type" content="article">
<meta property="og:title" content="详解Shiro登录登出的操作流程">
<meta property="og:url" content="https://yubuntu0109.github.io/2019/08/01/详解Shiro登录登出的操作流程/index.html">
<meta property="og:site_name" content="欢迎参观小灰灰的网站哟 ヾ(◍°∇°◍)ﾉﾞ ~">
<meta property="og:description" content="学习笔记 : 详解Shiro登录登出的操作流程在shiro中,用户需要提供principals(身份)和credentials(证明)给shiro,继而来验证用户的身份信息,最常见的princpals和 credentials组合就是用户名 / 密码啦~  principals : 身份,即主体的标识属性,如用户名、邮箱等,需唯一. 一个主体可以有多个principals,但只有一个Primary">
<meta property="og:locale" content="en">
<meta property="og:image" content="https://yubuntu0109.github.io/2019/08/01/详解Shiro登录登出的操作流程/Shiro-登录登出源码流程图.png">
<meta property="og:updated_time" content="2020-03-31T12:36:02.685Z">
<meta name="twitter:card" content="summary">
<meta name="twitter:title" content="详解Shiro登录登出的操作流程">
<meta name="twitter:description" content="学习笔记 : 详解Shiro登录登出的操作流程在shiro中,用户需要提供principals(身份)和credentials(证明)给shiro,继而来验证用户的身份信息,最常见的princpals和 credentials组合就是用户名 / 密码啦~  principals : 身份,即主体的标识属性,如用户名、邮箱等,需唯一. 一个主体可以有多个principals,但只有一个Primary">
<meta name="twitter:image" content="https://yubuntu0109.github.io/2019/08/01/详解Shiro登录登出的操作流程/Shiro-登录登出源码流程图.png">
    
        <link rel="alternate" type="application/atom+xml" title="欢迎参观小灰灰的网站哟 ヾ(◍°∇°◍)ﾉﾞ ~" href="/atom.xml">
    
    <link rel="shortcut icon" href="/favicon.ico">
    <link rel="stylesheet" href="//unpkg.com/hexo-theme-material-indigo@latest/css/style.css">
    <script>window.lazyScripts=[]</script>

    <!-- custom head -->
    

</head>

<body>
    <div id="loading" class="active"></div>

    <aside id="menu" class="hide" >
  <div class="inner flex-row-vertical">
    <a href="javascript:;" class="header-icon waves-effect waves-circle waves-light" id="menu-off">
        <i class="icon icon-lg icon-close"></i>
    </a>
    <div class="brand-wrap" style="background-image:url(/img/brand.jpg)">
      <div class="brand">
        <a href="/" class="avatar waves-effect waves-circle waves-light">
          <img src="/img/my-portrait.jpg">
        </a>
        <hgroup class="introduce">
          <h5 class="nickname">黄宇辉</h5>
          <a href="mailto:3083968068@qq.com" title="3083968068@qq.com" class="mail">3083968068@qq.com</a>
        </hgroup>
      </div>
    </div>
    <div class="scroll-wrap flex-col">
      <ul class="nav">
        
            <li class="waves-block waves-effect">
              <a href="/"  >
                <i class="icon icon-lg icon-home"></i>
                Homepage
              </a>
            </li>
        
            <li class="waves-block waves-effect">
              <a href="/archives"  >
                <i class="icon icon-lg icon-archives"></i>
                Archives
              </a>
            </li>
        
            <li class="waves-block waves-effect">
              <a href="/tags"  >
                <i class="icon icon-lg icon-tags"></i>
                Tags
              </a>
            </li>
        
            <li class="waves-block waves-effect">
              <a href="/categories"  >
                <i class="icon icon-lg icon-th-list"></i>
                Categories
              </a>
            </li>
        
            <li class="waves-block waves-effect">
              <a href="https://github.com/YUbuntu0109" target="_blank" >
                <i class="icon icon-lg icon-github"></i>
                Github
              </a>
            </li>
        
            <li class="waves-block waves-effect">
              <a href="https://space.bilibili.com/364361791" target="_blank" >
                <i class="icon icon-lg icon-link"></i>
                Bilibili
              </a>
            </li>
        
      </ul>
    </div>
  </div>
</aside>

    <main id="main">
        <header class="top-header" id="header">
    <div class="flex-row">
        <a href="javascript:;" class="header-icon waves-effect waves-circle waves-light on" id="menu-toggle">
          <i class="icon icon-lg icon-navicon"></i>
        </a>
        <div class="flex-col header-title ellipsis">详解Shiro登录登出的操作流程</div>
        
        <div class="search-wrap" id="search-wrap">
            <a href="javascript:;" class="header-icon waves-effect waves-circle waves-light" id="back">
                <i class="icon icon-lg icon-chevron-left"></i>
            </a>
            <input type="text" id="key" class="search-input" autocomplete="off" placeholder="Search">
            <a href="javascript:;" class="header-icon waves-effect waves-circle waves-light" id="search">
                <i class="icon icon-lg icon-search"></i>
            </a>
        </div>
        
        
        <a href="javascript:;" class="header-icon waves-effect waves-circle waves-light" id="menuShare">
            <i class="icon icon-lg icon-share-alt"></i>
        </a>
        
        <!-- add the background music on Mar 11,2019
        <div>
            <iframe frameborder="no" border="0" marginwidth="0" marginheight="0" width=280 height=52 src="//music.163.com/outchain/player?type=2&id=438801642&auto=1&height=32"></iframe>
        </div>
        -->
    </div>
</header>
<header class="content-header post-header">

    <div class="container fade-scale">
        <h1 class="title">详解Shiro登录登出的操作流程</h1>
        <h5 class="subtitle">
            
                <time datetime="2019-08-01T13:48:07.000Z" itemprop="datePublished" class="page-time">
  2019-08-01
</time>


            
        </h5>
    </div>

    


</header>


<div class="container body-wrap">
    
    <aside class="post-widget">
        <nav class="post-toc-wrap post-toc-shrink" id="post-toc">
            <h4>TOC</h4>
            <ol class="post-toc"><li class="post-toc-item post-toc-level-2"><a class="post-toc-link" href="#学习笔记-详解Shiro登录登出的操作流程"><span class="post-toc-number">1.</span> <span class="post-toc-text">学习笔记 : 详解Shiro登录登出的操作流程</span></a><ol class="post-toc-child"><li class="post-toc-item post-toc-level-3"><a class="post-toc-link" href="#登录登出案例"><span class="post-toc-number">1.1.</span> <span class="post-toc-text">登录登出案例</span></a><ol class="post-toc-child"><li class="post-toc-item post-toc-level-4"><a class="post-toc-link" href="#案例源码流程图"><span class="post-toc-number">1.1.1.</span> <span class="post-toc-text">案例源码流程图</span></a></li></ol></li><li class="post-toc-item post-toc-level-3"><a class="post-toc-link" href="#案例源码流程分析"><span class="post-toc-number">1.2.</span> <span class="post-toc-text">案例源码流程分析</span></a></li></ol></li></ol>
        </nav>
    </aside>


<article id="post-详解Shiro登录登出的操作流程"
  class="post-article article-type-post fade" itemprop="blogPost">

    <div class="post-card">
        <h1 class="post-card-title">详解Shiro登录登出的操作流程</h1>
        <div class="post-meta">
            <time class="post-time" title="2019-08-01 13:48:07" datetime="2019-08-01T13:48:07.000Z"  itemprop="datePublished">2019-08-01</time>

            


            

        </div>
        <div class="post-content" id="post-content" itemprop="postContent">
            <h2 id="学习笔记-详解Shiro登录登出的操作流程"><a href="#学习笔记-详解Shiro登录登出的操作流程" class="headerlink" title="学习笔记 : 详解Shiro登录登出的操作流程"></a>学习笔记 : 详解Shiro登录登出的操作流程</h2><p><em>在shiro中,用户需要提供principals(身份)和credentials(证明)给shiro,继而来验证用户的身份信息,最常见的princpals和 credentials组合就是用户名 / 密码啦~</em></p>
<ul>
<li>principals : 身份,即主体的标识属性,如用户名、邮箱等,需唯一. 一个主体可以有多个principals,但只有一个Primary principals,一般是用户名 / 密码 / 手机号</li>
<li>credentials : 证明 / 凭证,即只有主体知道的安全值,如密码 / 数字证书等</li>
</ul>
<h3 id="登录登出案例"><a href="#登录登出案例" class="headerlink" title="登录登出案例"></a>登录登出案例</h3><p><em>接下来通过一个模拟验证用户登录信息的示例程序,来探究并分析一下Shiro的验证用户身份信息的流程</em></p>
<ol>
<li><p><em>pom.xml : Maven依赖</em></p>
<figure class="highlight xml"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br></pre></td><td class="code"><pre><span class="line"><span class="tag">&lt;<span class="name">dependencies</span>&gt;</span></span><br><span class="line">    <span class="comment">&lt;!--Junit 单元测试 --&gt;</span></span><br><span class="line">    <span class="tag">&lt;<span class="name">dependency</span>&gt;</span></span><br><span class="line">        <span class="tag">&lt;<span class="name">groupId</span>&gt;</span>junit<span class="tag">&lt;/<span class="name">groupId</span>&gt;</span></span><br><span class="line">        <span class="tag">&lt;<span class="name">artifactId</span>&gt;</span>junit<span class="tag">&lt;/<span class="name">artifactId</span>&gt;</span></span><br><span class="line">        <span class="tag">&lt;<span class="name">version</span>&gt;</span>4.11<span class="tag">&lt;/<span class="name">version</span>&gt;</span></span><br><span class="line">        <span class="tag">&lt;<span class="name">scope</span>&gt;</span>test<span class="tag">&lt;/<span class="name">scope</span>&gt;</span></span><br><span class="line">    <span class="tag">&lt;/<span class="name">dependency</span>&gt;</span></span><br><span class="line">    <span class="comment">&lt;!-- Shiro核心包 --&gt;</span></span><br><span class="line">    <span class="tag">&lt;<span class="name">dependency</span>&gt;</span></span><br><span class="line">        <span class="tag">&lt;<span class="name">groupId</span>&gt;</span>org.apache.shiro<span class="tag">&lt;/<span class="name">groupId</span>&gt;</span></span><br><span class="line">        <span class="tag">&lt;<span class="name">artifactId</span>&gt;</span>shiro-core<span class="tag">&lt;/<span class="name">artifactId</span>&gt;</span></span><br><span class="line">        <span class="tag">&lt;<span class="name">version</span>&gt;</span>1.3.2<span class="tag">&lt;/<span class="name">version</span>&gt;</span></span><br><span class="line">    <span class="tag">&lt;/<span class="name">dependency</span>&gt;</span></span><br><span class="line">    <span class="comment">&lt;!-- slf4j的接口实现 --&gt;</span></span><br><span class="line">    <span class="tag">&lt;<span class="name">dependency</span>&gt;</span></span><br><span class="line">        <span class="tag">&lt;<span class="name">groupId</span>&gt;</span>org.slf4j<span class="tag">&lt;/<span class="name">groupId</span>&gt;</span></span><br><span class="line">        <span class="tag">&lt;<span class="name">artifactId</span>&gt;</span>slf4j-log4j12<span class="tag">&lt;/<span class="name">artifactId</span>&gt;</span></span><br><span class="line">        <span class="tag">&lt;<span class="name">version</span>&gt;</span>1.7.12<span class="tag">&lt;/<span class="name">version</span>&gt;</span></span><br><span class="line">    <span class="tag">&lt;/<span class="name">dependency</span>&gt;</span></span><br><span class="line"><span class="tag">&lt;/<span class="name">dependencies</span>&gt;</span></span><br></pre></td></tr></table></figure>
</li>
<li><p><em>shiro.ini : 存储用户身份信息(账户=密码)</em></p>
<figure class="highlight ini"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line"><span class="section">[users]</span></span><br><span class="line"><span class="attr">root</span>=yubuntu0109</span><br></pre></td></tr></table></figure>
</li>
<li><p><em>ShiroTest.java : 模拟验证用户登录信息(把断点打在<code>currentUser.login(token)</code>)</em></p>
<figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">package</span> pers.huangyuhui;</span><br><span class="line"></span><br><span class="line"><span class="keyword">import</span> org.apache.shiro.SecurityUtils;</span><br><span class="line"><span class="keyword">import</span> org.apache.shiro.authc.AuthenticationException;</span><br><span class="line"><span class="keyword">import</span> org.apache.shiro.authc.IncorrectCredentialsException;</span><br><span class="line"><span class="keyword">import</span> org.apache.shiro.authc.UnknownAccountException;</span><br><span class="line"><span class="keyword">import</span> org.apache.shiro.authc.UsernamePasswordToken;</span><br><span class="line"><span class="keyword">import</span> org.apache.shiro.config.IniSecurityManagerFactory;</span><br><span class="line"><span class="keyword">import</span> org.apache.shiro.mgt.SecurityManager;</span><br><span class="line"><span class="keyword">import</span> org.apache.shiro.subject.Subject;</span><br><span class="line"><span class="keyword">import</span> org.apache.shiro.util.Factory;</span><br><span class="line"><span class="keyword">import</span> org.junit.Test;</span><br><span class="line"></span><br><span class="line"><span class="comment">/**</span></span><br><span class="line"><span class="comment"> * Shiro认证测试:验证用户登录信息</span></span><br><span class="line"><span class="comment"> */</span></span><br><span class="line"><span class="keyword">public</span> <span class="class"><span class="keyword">class</span> <span class="title">ShiroTest</span> </span>&#123;</span><br><span class="line"></span><br><span class="line">    <span class="meta">@Test</span></span><br><span class="line">    <span class="function"><span class="keyword">public</span> <span class="keyword">void</span> <span class="title">testLogin</span><span class="params">()</span> </span>&#123;</span><br><span class="line">        <span class="comment">//1:加载配置文件,创建SecurityManager工厂对象</span></span><br><span class="line">        Factory&lt;SecurityManager&gt; factory = <span class="keyword">new</span> IniSecurityManagerFactory(<span class="string">"classpath:shiro.ini"</span>);</span><br><span class="line">        <span class="comment">//2:获得securityManager实例对象</span></span><br><span class="line">        SecurityManager securityManager = factory.getInstance();</span><br><span class="line">        <span class="comment">//3:将securityManger实例绑定到当前运行环境中,便于访问</span></span><br><span class="line">        SecurityUtils.setSecurityManager(securityManager);</span><br><span class="line">        <span class="comment">//4:创建当前登录的主体</span></span><br><span class="line">        Subject currentUser = SecurityUtils.getSubject();</span><br><span class="line">        <span class="comment">//5:绑定主体登录的身份/凭证,既账户及密码</span></span><br><span class="line">        UsernamePasswordToken token = <span class="keyword">new</span> UsernamePasswordToken(<span class="string">"root"</span>, <span class="string">"yubuntu0109"</span>);</span><br><span class="line">        <span class="comment">//6:主体登录</span></span><br><span class="line">        <span class="keyword">try</span> &#123;</span><br><span class="line">            currentUser.login(token);</span><br><span class="line">            System.out.println(<span class="string">"用户身份是否验证成功 :"</span> + currentUser.isAuthenticated());</span><br><span class="line">        &#125; <span class="keyword">catch</span> (UnknownAccountException e) &#123;</span><br><span class="line">            System.err.println(<span class="string">"用户账户信息错误 !"</span>);</span><br><span class="line">        &#125; <span class="keyword">catch</span> (IncorrectCredentialsException e) &#123;</span><br><span class="line">            System.err.println(<span class="string">"用户密码信息错误 !"</span>);</span><br><span class="line">        &#125; <span class="keyword">catch</span> (AuthenticationException e) &#123;</span><br><span class="line">            e.printStackTrace();</span><br><span class="line">        &#125;</span><br><span class="line">        <span class="comment">//8:注销登录</span></span><br><span class="line">        currentUser.logout();</span><br><span class="line">        System.out.println(<span class="string">"身份身份是否注销成功 :"</span> + !currentUser.isAuthenticated());</span><br><span class="line"></span><br><span class="line">    &#125;</span><br><span class="line">&#125;</span><br></pre></td></tr></table></figure>
</li>
<li><p><em>程序运行效果如下所示 :</em></p>
<figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment">// ······</span></span><br><span class="line">用户身份是否验证成功 :<span class="keyword">true</span></span><br><span class="line"><span class="comment">// ······</span></span><br><span class="line">身份身份是否注销成功 :<span class="keyword">true</span></span><br></pre></td></tr></table></figure>
</li>
</ol>
<h4 id="案例源码流程图"><a href="#案例源码流程图" class="headerlink" title="案例源码流程图"></a>案例源码流程图</h4><p><em>在分析源码之前,先看一下该案例的源码流程图吧,也便于后面对源码分析的理解~</em><br><figure class="image-bubble">
                <div class="img-lightbox">
                    <div class="overlay"></div>
                    <img src="/2019/08/01/详解Shiro登录登出的操作流程/Shiro-登录登出源码流程图.png" alt title>
                </div>
                <div class="image-caption"></div>
            </figure></p>
<ol>
<li><em>调用<code>subject.login(AuthenticationToken token)</code>方法进行用户登录,其会自动委托给<code>securityManager.login(Subject subject, AuthenticationToken token)</code>方法进行登录</em></li>
<li><em><code>securityManager</code>(安全管理器)通过<code>Authenticator</code>(认证器)进行认证</em></li>
<li><em><code>Authenticator</code>的实现类<code>ModularRealmAuthenticator</code>通过调用<code>realm</code>从<code>shiro.ini</code>配置文件中获取用户真实的信息(账户和密码),这里的Realm(域)可以看成DataSource,即安全数据源</em></li>
<li><em><code>IniRealm</code>(可通过加载.ini文件生成reaml对象)先根据<code>token</code>中的账号去<code>shiro.ini</code>配置文件中去匹配该账号,如果找不到则<code>ModularRealmAuthenticator</code>返回null,如果找到则继续匹配密码,若匹配成功则认证通过,反之不通过哟~</em> </li>
<li><em>最后可以使用<code>Subject.logout()</code>进行退出操作</em></li>
</ol>
<h3 id="案例源码流程分析"><a href="#案例源码流程分析" class="headerlink" title="案例源码流程分析"></a>案例源码流程分析</h3><ol>
<li><em>运行上述程序,首先debug(Step into)进入<code>currentUser.login(token)</code>内部,既DelegatingSubject.java. 从源码可以看出 : 与Subject的所有交互都会委托给SecurityManager. 可以把Subject认为是一个门面,SecurityManager才是实际的执行者哟~</em><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">public</span> <span class="keyword">void</span> <span class="title">login</span><span class="params">(AuthenticationToken token)</span> <span class="keyword">throws</span> AuthenticationException </span>&#123;</span><br><span class="line">        <span class="keyword">this</span>.clearRunAsIdentitiesInternal();</span><br><span class="line">        Subject subject = <span class="keyword">this</span>.securityManager.login(<span class="keyword">this</span>, token);</span><br><span class="line">        <span class="comment">// ······</span></span><br></pre></td></tr></table></figure>
</li>
</ol>
<p><em>继续(Step into)进入<code>this.securityManager.login(this, token);</code>,既DefaultSecurityManager.java. 此时验证用户身份的的操作正式开始</em><br><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">public</span> Subject <span class="title">login</span><span class="params">(Subject subject, AuthenticationToken token)</span> <span class="keyword">throws</span> AuthenticationException </span>&#123;</span><br><span class="line">        AuthenticationInfo info;</span><br><span class="line">        <span class="keyword">try</span> &#123;</span><br><span class="line">            info = <span class="keyword">this</span>.authenticate(token);</span><br><span class="line">        &#125; <span class="keyword">catch</span> (AuthenticationException var7) &#123;</span><br><span class="line">        <span class="comment">// ······</span></span><br></pre></td></tr></table></figure></p>
<ol start="2">
<li><p><em>继续(Step into)进入<code>this.authenticate(token)</code>,既AuthenticatingSecurityManager.java. 从源码可以看出SecurityManager将<code>token</code>委托给了Authenticator(认证器)去执行用户身份的认证操作</em></p>
<figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">public</span> AuthenticationInfo <span class="title">authenticate</span><span class="params">(AuthenticationToken token)</span> <span class="keyword">throws</span> AuthenticationException </span>&#123;</span><br><span class="line">        <span class="keyword">return</span> <span class="keyword">this</span>.authenticator.authenticate(token);</span><br><span class="line">    &#125;</span><br></pre></td></tr></table></figure>
</li>
<li><p><em>继续(Step into)进入<code>this.authenticator.authenticate(token)</code>,既AbstractAuthenticator.java. 由<code>info = this.doAuthenticate(token);</code>获取一个AuthenticationInfo对象</em></p>
<figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">public</span> <span class="keyword">final</span> AuthenticationInfo <span class="title">authenticate</span><span class="params">(AuthenticationToken token)</span> <span class="keyword">throws</span> AuthenticationException </span>&#123;</span><br><span class="line">       <span class="keyword">if</span> (token == <span class="keyword">null</span>) &#123;</span><br><span class="line">           <span class="keyword">throw</span> <span class="keyword">new</span> IllegalArgumentException(<span class="string">"Method argument (authentication token) cannot be null."</span>);</span><br><span class="line">       &#125; <span class="keyword">else</span> &#123;</span><br><span class="line">           log.trace(<span class="string">"Authentication attempt received for token [&#123;&#125;]"</span>, token);</span><br><span class="line"></span><br><span class="line">           AuthenticationInfo info;</span><br><span class="line">           <span class="keyword">try</span> &#123;</span><br><span class="line">               info = <span class="keyword">this</span>.doAuthenticate(token);</span><br><span class="line">               <span class="keyword">if</span> (info == <span class="keyword">null</span>) &#123;</span><br><span class="line">                   String msg = <span class="string">"No account information found for authentication token ["</span> + token + <span class="string">"] by this Authenticator instance.  Please check that it is configured correctly."</span>;</span><br><span class="line">                   <span class="keyword">throw</span> <span class="keyword">new</span> AuthenticationException(msg);</span><br><span class="line">               &#125;</span><br><span class="line">       <span class="comment">// ······</span></span><br></pre></td></tr></table></figure>
</li>
<li><p><em>继续(Step into)进入<code>info = this.doAuthenticate(token)</code>,既ModularRealmAuthenticator.java. 然后从系统所加载配置文件所对应的Realms的值中获取(<code>this.getRealms()</code>)一个realms对象,该对象中包含一个<code>users</code>属性,其中包含着用户的身份及凭证信息,例如账号为root,密码为yubuntu0109的用户信息</em></p>
<figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">protected</span> AuthenticationInfo <span class="title">doAuthenticate</span><span class="params">(AuthenticationToken authenticationToken)</span> <span class="keyword">throws</span> AuthenticationException </span>&#123;</span><br><span class="line">       assertRealmsConfigured();</span><br><span class="line">       Collection&lt;Realm&gt; realms = getRealms();</span><br><span class="line">       <span class="keyword">if</span> (realms.size() == <span class="number">1</span>) &#123;</span><br><span class="line">           <span class="keyword">return</span> doSingleRealmAuthentication(realms.iterator().next(), authenticationToken);</span><br><span class="line">       &#125; <span class="keyword">else</span> &#123;</span><br><span class="line">           <span class="keyword">return</span> doMultiRealmAuthentication(realms, authenticationToken);</span><br><span class="line">       &#125;</span><br><span class="line">   &#125;</span><br><span class="line">   <span class="comment">// ······</span></span><br></pre></td></tr></table></figure>
</li>
</ol>
<p><em>继续(Step into)进入<code>this.doSingleRealmAuthentication((Realm)realms.iterator().next(), authenticationToken)</code>. 发现其通过<code>realm.getAuthenticationInfo(token)</code>获取一个AuthenticationInfo对象(其中存储着从Realm中获取的用户身份信息)</em><br><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">protected</span> AuthenticationInfo <span class="title">doSingleRealmAuthentication</span><span class="params">(Realm realm, AuthenticationToken token)</span> </span>&#123;</span><br><span class="line">        <span class="keyword">if</span> (!realm.supports(token)) &#123;</span><br><span class="line">            String msg = <span class="string">"Realm ["</span> + realm + <span class="string">"] does not support authentication token ["</span> +</span><br><span class="line">                    token + <span class="string">"].  Please ensure that the appropriate Realm implementation is "</span> +</span><br><span class="line">                    <span class="string">"configured correctly or that the realm accepts AuthenticationTokens of this type."</span>;</span><br><span class="line">            <span class="keyword">throw</span> <span class="keyword">new</span> UnsupportedTokenException(msg);</span><br><span class="line">        &#125;</span><br><span class="line">        AuthenticationInfo info = realm.getAuthenticationInfo(token);</span><br><span class="line">        <span class="keyword">if</span> (info == <span class="keyword">null</span>) &#123;</span><br><span class="line">            String msg = <span class="string">"Realm ["</span> + realm + <span class="string">"] was unable to find account data for the "</span> +</span><br><span class="line">                    <span class="string">"submitted AuthenticationToken ["</span> + token + <span class="string">"]."</span>;</span><br><span class="line">            <span class="keyword">throw</span> <span class="keyword">new</span> UnknownAccountException(msg);</span><br><span class="line">        &#125;</span><br><span class="line">        <span class="keyword">return</span> info;</span><br><span class="line">    &#125;</span><br></pre></td></tr></table></figure></p>
<ol start="5">
<li><em>继续(Step into)进入<code>realm.getAuthenticationInfo(token)</code>,既AuthenticatingRealm.java</em><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">public</span> <span class="keyword">final</span> AuthenticationInfo <span class="title">getAuthenticationInfo</span><span class="params">(AuthenticationToken token)</span> <span class="keyword">throws</span> AuthenticationException </span>&#123;</span><br><span class="line"></span><br><span class="line">       AuthenticationInfo info = getCachedAuthenticationInfo(token);</span><br><span class="line">       <span class="keyword">if</span> (info == <span class="keyword">null</span>) &#123;</span><br><span class="line">           <span class="comment">//otherwise not cached, perform the lookup:</span></span><br><span class="line">           info = doGetAuthenticationInfo(token);</span><br><span class="line">           log.debug(<span class="string">"Looked up AuthenticationInfo [&#123;&#125;] from doGetAuthenticationInfo"</span>, info);</span><br><span class="line">           <span class="keyword">if</span> (token != <span class="keyword">null</span> &amp;&amp; info != <span class="keyword">null</span>) &#123;</span><br><span class="line">               cacheAuthenticationInfoIfPossible(token, info);</span><br><span class="line">           &#125;</span><br><span class="line">       &#125; <span class="keyword">else</span> &#123;</span><br><span class="line">           log.debug(<span class="string">"Using cached authentication info [&#123;&#125;] to perform credentials matching."</span>, info);</span><br><span class="line">       &#125;</span><br><span class="line"></span><br><span class="line">       <span class="keyword">if</span> (info != <span class="keyword">null</span>) &#123;</span><br><span class="line">           assertCredentialsMatch(token, info);</span><br><span class="line">       &#125; <span class="keyword">else</span> &#123;</span><br><span class="line">           log.debug(<span class="string">"No AuthenticationInfo found for submitted AuthenticationToken [&#123;&#125;].  Returning null."</span>, token);</span><br><span class="line">       &#125;</span><br><span class="line"></span><br><span class="line">       <span class="keyword">return</span> info;</span><br><span class="line">   &#125;</span><br><span class="line">   <span class="comment">// ······</span></span><br></pre></td></tr></table></figure>
</li>
</ol>
<p><em>(Step into)进入<code>doGetAuthenticationInfo(token)</code>,既SimpleAccountRealm.java. 通过<code>getUser(upToken.getUsername())</code>进行验证用户账户信息(稍后验证密码信息),然后返回一个SimpleAccount对象(account,如root),其中包含了凭证信息(credentials,如yubuntu0109)</em><br><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">protected</span> AuthenticationInfo <span class="title">doGetAuthenticationInfo</span><span class="params">(AuthenticationToken token)</span> <span class="keyword">throws</span> AuthenticationException </span>&#123;</span><br><span class="line">        UsernamePasswordToken upToken = (UsernamePasswordToken) token;</span><br><span class="line">        SimpleAccount account = getUser(upToken.getUsername());</span><br><span class="line"></span><br><span class="line">        <span class="keyword">if</span> (account != <span class="keyword">null</span>) &#123;</span><br><span class="line"></span><br><span class="line">            <span class="keyword">if</span> (account.isLocked()) &#123;</span><br><span class="line">                <span class="keyword">throw</span> <span class="keyword">new</span> LockedAccountException(<span class="string">"Account ["</span> + account + <span class="string">"] is locked."</span>);</span><br><span class="line">            &#125;</span><br><span class="line">            <span class="keyword">if</span> (account.isCredentialsExpired()) &#123;</span><br><span class="line">                String msg = <span class="string">"The credentials for account ["</span> + account + <span class="string">"] are expired"</span>;</span><br><span class="line">                <span class="keyword">throw</span> <span class="keyword">new</span> ExpiredCredentialsException(msg);</span><br><span class="line">            &#125;</span><br><span class="line"></span><br><span class="line">        &#125;</span><br><span class="line"></span><br><span class="line">        <span class="keyword">return</span> account;</span><br><span class="line">    &#125;</span><br><span class="line">    <span class="comment">// ······</span></span><br></pre></td></tr></table></figure></p>
<p><em><code>getUser(String username)</code>的源码如下所示 :</em><br><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">protected</span> SimpleAccount <span class="title">getUser</span><span class="params">(String username)</span> </span>&#123;</span><br><span class="line">        USERS_LOCK.readLock().lock();</span><br><span class="line">        <span class="keyword">try</span> &#123;</span><br><span class="line">            <span class="keyword">return</span> <span class="keyword">this</span>.users.get(username);</span><br><span class="line">        &#125; <span class="keyword">finally</span> &#123;</span><br><span class="line">            USERS_LOCK.readLock().unlock();</span><br><span class="line">        &#125;</span><br><span class="line">    &#125;</span><br><span class="line">    <span class="comment">// ······</span></span><br></pre></td></tr></table></figure></p>
<p><em>(step out)退出<code>doGetAuthenticationInfo(AuthenticationToken token)</code>方法,然后(step into)进入<code>assertCredentialsMatch(token, info)</code>方法,其属于AuthenticatingRealm.java. 继而执行验证用户密码信息的操作</em><br><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">protected</span> <span class="keyword">void</span> <span class="title">assertCredentialsMatch</span><span class="params">(AuthenticationToken token, AuthenticationInfo info)</span> <span class="keyword">throws</span> AuthenticationException </span>&#123;</span><br><span class="line">        CredentialsMatcher cm = getCredentialsMatcher();</span><br><span class="line">        <span class="keyword">if</span> (cm != <span class="keyword">null</span>) &#123;</span><br><span class="line">            <span class="keyword">if</span> (!cm.doCredentialsMatch(token, info)) &#123;</span><br><span class="line">                <span class="comment">//not successful - throw an exception to indicate this:</span></span><br><span class="line">                String msg = <span class="string">"Submitted credentials for token ["</span> + token + <span class="string">"] did not match the expected credentials."</span>;</span><br><span class="line">                <span class="keyword">throw</span> <span class="keyword">new</span> IncorrectCredentialsException(msg);</span><br><span class="line">            &#125;</span><br><span class="line">        &#125; <span class="keyword">else</span> &#123;</span><br><span class="line">            <span class="keyword">throw</span> <span class="keyword">new</span> AuthenticationException(<span class="string">"A CredentialsMatcher must be configured in order to verify "</span> +</span><br><span class="line">                    <span class="string">"credentials during authentication.  If you do not wish for credentials to be examined, you "</span> +</span><br><span class="line">                    "can configure an " + AllowAllCredentialsMatcher.class.getName() + " instance.");</span><br><span class="line">        &#125;</span><br><span class="line">    &#125;</span><br></pre></td></tr></table></figure></p>
<p><em>(step into)进入<code>cm.doCredentialsMatch(token, info)</code>,其属于SimpleCredentialsMatcher.java. 观察Shiro是如何验证密码的 : 比较AuthenticationToken(<code>token</code>)与AuthenticationInfo(<code>info</code>)中的用户密码是否相同</em><br><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">public</span> <span class="keyword">boolean</span> <span class="title">doCredentialsMatch</span><span class="params">(AuthenticationToken token, AuthenticationInfo info)</span> </span>&#123;</span><br><span class="line">        Object tokenCredentials = getCredentials(token);</span><br><span class="line">        Object accountCredentials = getCredentials(info);</span><br><span class="line">        <span class="keyword">return</span> equals(tokenCredentials, accountCredentials);</span><br><span class="line">    &#125;</span><br></pre></td></tr></table></figure></p>

        </div>

        <blockquote class="post-copyright">
    
    <div class="content">
        
<span class="post-time">
    Last updated: <time datetime="2020-03-31T12:36:02.685Z" itemprop="dateUpdated">2020-03-31 12:36:02</time>
</span><br>


        
    </div>
    
    <footer>
        <a href="https://yubuntu0109.github.io">
            <img src="/img/my-portrait.jpg" alt="黄宇辉">
            黄宇辉
        </a>
    </footer>
</blockquote>

        
<div class="page-reward">
    <a id="rewardBtn" href="javascript:;" class="page-reward-btn waves-effect waves-circle waves-light">赏</a>
</div>



        <div class="post-footer">
            
	<ul class="article-tag-list"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/Java/">Java</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/Shiro/">Shiro</a></li></ul>


            
<div class="page-share-wrap">
    

<div class="page-share" id="pageShare">
    <ul class="reset share-icons">
      <li>
        <a class="weibo share-sns" target="_blank" href="http://service.weibo.com/share/share.php?url=https://yubuntu0109.github.io/2019/08/01/详解Shiro登录登出的操作流程/&title=《详解Shiro登录登出的操作流程》 — 欢迎参观小灰灰的网站哟 ヾ(◍°∇°◍)ﾉﾞ ~&pic=https://yubuntu0109.github.io/img/my-portrait.jpg" data-title="微博">
          <i class="icon icon-weibo"></i>
        </a>
      </li>
      <li>
        <a class="weixin share-sns wxFab" href="javascript:;" data-title="微信">
          <i class="icon icon-weixin"></i>
        </a>
      </li>
      <li>
        <a class="qq share-sns" target="_blank" href="http://connect.qq.com/widget/shareqq/index.html?url=https://yubuntu0109.github.io/2019/08/01/详解Shiro登录登出的操作流程/&title=《详解Shiro登录登出的操作流程》 — 欢迎参观小灰灰的网站哟 ヾ(◍°∇°◍)ﾉﾞ ~&source=My Personal Website For Blog" data-title=" QQ">
          <i class="icon icon-qq"></i>
        </a>
      </li>
      <li>
        <a class="facebook share-sns" target="_blank" href="https://www.facebook.com/sharer/sharer.php?u=https://yubuntu0109.github.io/2019/08/01/详解Shiro登录登出的操作流程/" data-title=" Facebook">
          <i class="icon icon-facebook"></i>
        </a>
      </li>
      <li>
        <a class="twitter share-sns" target="_blank" href="https://twitter.com/intent/tweet?text=《详解Shiro登录登出的操作流程》 — 欢迎参观小灰灰的网站哟 ヾ(◍°∇°◍)ﾉﾞ ~&url=https://yubuntu0109.github.io/2019/08/01/详解Shiro登录登出的操作流程/&via=https://yubuntu0109.github.io" data-title=" Twitter">
          <i class="icon icon-twitter"></i>
        </a>
      </li>
      <li>
        <a class="google share-sns" target="_blank" href="https://plus.google.com/share?url=https://yubuntu0109.github.io/2019/08/01/详解Shiro登录登出的操作流程/" data-title=" Google+">
          <i class="icon icon-google-plus"></i>
        </a>
      </li>
    </ul>
 </div>



    <a href="javascript:;" id="shareFab" class="page-share-fab waves-effect waves-circle">
        <i class="icon icon-share-alt icon-lg"></i>
    </a>
</div>



        </div>
    </div>

    
<nav class="post-nav flex-row flex-justify-between">
  
    <div class="waves-block waves-effect prev">
      <a href="/2019/08/01/Shiro之自定义realm及其加密/" id="post-prev" class="post-nav-link">
        <div class="tips"><i class="icon icon-angle-left icon-lg icon-pr"></i> Prev</div>
        <h4 class="title">Shiro之自定义realm及其加密</h4>
      </a>
    </div>
  

  
    <div class="waves-block waves-effect next">
      <a href="/2019/07/31/Hi-Shiro/" id="post-next" class="post-nav-link">
        <div class="tips">Next <i class="icon icon-angle-right icon-lg icon-pl"></i></div>
        <h4 class="title">Hi Shiro ~</h4>
      </a>
    </div>
  
</nav>



    




















</article>

<div id="reward" class="page-modal reward-lay">
    <a class="close" href="javascript:;"><i class="icon icon-close"></i></a>
    <h3 class="reward-title">
        <i class="icon icon-quote-left"></i>
        thanks ~
        <i class="icon icon-quote-right"></i>
    </h3>
    <div class="reward-content">
        
        <div class="reward-code">
            <img id="rewardCode" src="/img/Wechat_appreciates.png" alt="打赏二维码">
        </div>
        
    </div>
</div>



</div>

        <footer class="footer">
    <div class="top">
        

        <p>
            
                <span><a href="/atom.xml" target="_blank" class="rss" title="rss"><i class="icon icon-lg icon-rss"></i></a></span>
            
            <span>This blog is licensed under a <a rel="license" href="https://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution 4.0 International License</a>.</span>
        </p>
    </div>
    <div class="bottom">
        <!-- 统计网站用户访问量. 技术支持：不蒜子(http://busuanzi.ibruce.info/) ————> Mar 13,2019 -->
        <p>
            <font style='font-size: 12px;color:springgreen'>
                    <div align="center">
                        <!-- 安装脚本 -->
                        <script async src="//busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js"></script>
                        <!-- 安装标签 -->
                        <span id="busuanzi_container_site_pv">
                            ◎用户总访问量 : <span id="busuanzi_value_site_pv"></span> 次 ~ &nbsp&nbsp
                        </span>
                        <span id="busuanzi_container_site_uv">
                            ◎总访客数(（づ￣3￣）づ╭❤～) : <span id="busuanzi_value_site_uv"></span>人 ~
                        </span>
                    </div>
                </font>
            </p>
            <!---------->
            <p>
                <font style='font-size: 10px'>
                    <span>黄宇辉 &copy; 2019 - 2020</span>
                    <span>
                        
                        Blog source <a href="https://github.com/YUbuntu0109/YUbuntu0109.github.io" target="_blank">Github</a> 
                        Power by <a href="http://hexo.io/" target="_blank">Hexo</a>
                        Theme <a href="https://github.com/yscoder/hexo-theme-indigo" target="_blank">indigo</a>
                    </span>
                </font>
            </p>
        </div>
    </footer>
    </main>
    <div class="mask" id="mask"></div>
<a href="javascript:;" id="gotop" class="waves-effect waves-circle waves-light"><span class="icon icon-lg icon-chevron-up"></span></a>



<div class="global-share" id="globalShare">
    <ul class="reset share-icons">
      <li>
        <a class="weibo share-sns" target="_blank" href="http://service.weibo.com/share/share.php?url=https://yubuntu0109.github.io/2019/08/01/详解Shiro登录登出的操作流程/&title=《详解Shiro登录登出的操作流程》 — 欢迎参观小灰灰的网站哟 ヾ(◍°∇°◍)ﾉﾞ ~&pic=https://yubuntu0109.github.io/img/my-portrait.jpg" data-title="微博">
          <i class="icon icon-weibo"></i>
        </a>
      </li>
      <li>
        <a class="weixin share-sns wxFab" href="javascript:;" data-title="微信">
          <i class="icon icon-weixin"></i>
        </a>
      </li>
      <li>
        <a class="qq share-sns" target="_blank" href="http://connect.qq.com/widget/shareqq/index.html?url=https://yubuntu0109.github.io/2019/08/01/详解Shiro登录登出的操作流程/&title=《详解Shiro登录登出的操作流程》 — 欢迎参观小灰灰的网站哟 ヾ(◍°∇°◍)ﾉﾞ ~&source=My Personal Website For Blog" data-title=" QQ">
          <i class="icon icon-qq"></i>
        </a>
      </li>
      <li>
        <a class="facebook share-sns" target="_blank" href="https://www.facebook.com/sharer/sharer.php?u=https://yubuntu0109.github.io/2019/08/01/详解Shiro登录登出的操作流程/" data-title=" Facebook">
          <i class="icon icon-facebook"></i>
        </a>
      </li>
      <li>
        <a class="twitter share-sns" target="_blank" href="https://twitter.com/intent/tweet?text=《详解Shiro登录登出的操作流程》 — 欢迎参观小灰灰的网站哟 ヾ(◍°∇°◍)ﾉﾞ ~&url=https://yubuntu0109.github.io/2019/08/01/详解Shiro登录登出的操作流程/&via=https://yubuntu0109.github.io" data-title=" Twitter">
          <i class="icon icon-twitter"></i>
        </a>
      </li>
      <li>
        <a class="google share-sns" target="_blank" href="https://plus.google.com/share?url=https://yubuntu0109.github.io/2019/08/01/详解Shiro登录登出的操作流程/" data-title=" Google+">
          <i class="icon icon-google-plus"></i>
        </a>
      </li>
    </ul>
 </div>


<div class="page-modal wx-share" id="wxShare">
    <a class="close" href="javascript:;"><i class="icon icon-close"></i></a>
    <p>扫一扫，分享到微信</p>
    <img src="//api.qrserver.com/v1/create-qr-code/?data=https://yubuntu0109.github.io/2019/08/01/详解Shiro登录登出的操作流程/" alt="微信分享二维码">
</div>




    <script src="//cdn.bootcss.com/node-waves/0.7.4/waves.min.js"></script>
<script>
var BLOG = { ROOT: '/', SHARE: true, REWARD: true };


</script>

<script src="//unpkg.com/hexo-theme-material-indigo@latest/js/main.min.js"></script>


<div class="search-panel" id="search-panel">
    <ul class="search-result" id="search-result"></ul>
</div>
<template id="search-tpl">
<li class="item">
    <a href="{path}" class="waves-block waves-effect">
        <div class="title ellipsis" title="{title}">{title}</div>
        <div class="flex-row flex-middle">
            <div class="tags ellipsis">
                {tags}
            </div>
            <time class="flex-col time">{date}</time>
        </div>
    </a>
</li>
</template>

<script src="//unpkg.com/hexo-theme-material-indigo@latest/js/search.min.js" async></script>








<script>
(function() {
    var OriginTitile = document.title, titleTime;
    document.addEventListener('visibilitychange', function() {
        if (document.hidden) {
            document.title = 'Where are you going ?';
            clearTimeout(titleTime);
        } else {
            document.title = 'As long as you love me ~';
            titleTime = setTimeout(function() {
                document.title = OriginTitile;
            },2000);
        }
    });
})();
</script>



</body>
</html>
